Over the last decade, malicious software (malware) has become a pervasive problem for Internet users. In some situations, malware is a program or file that is embedded within downloadable content and designed to adversely influence (i.e. attack) normal operations of a computer. Examples of different types of malware may include bots, computer viruses, worms, Trojan horses, spyware, adware, or any other programming that operates within the computer without permission.
For instance, content may be embedded with objects associated with a web page hosted by a malicious web site. By downloading this content, malware causing another web page to be requested from a malicious web site may be unknowingly installed on the computer. Similarly, malware may also be installed on a computer upon receipt or opening of an electronic mail (email) message. For example, an email message may contain an attachment, such as a Portable Document Format (PDF) document, with embedded executable malware. Also, malware may exist in files infected through any of a variety of attack vectors, which are uploaded from the infected computer onto a networked storage device such as a file share.
Over the past few years, various types of security appliances have been deployed at different segments of a network. These security appliances are configured to uncover the presence of malware embedded within ingress content propagating through over these different segments. However, there is no mechanism that operates, in concert with multiple security appliances, to correlate and consolidate information from these security appliances in order to provide a customer with a holistic view of a malware attack.